Product verification and authentication system and method

ABSTRACT

The present invention provides for a system and method for product verification for use with products intended to be introduced into circulation and including machine readable product data, and comprising a product data storage means, at least one portable reading device for said machine readable product data, wherein the machine readable product data is applied to products and is arranged for inspection by the at least one portable reading device remotely from the product data storage means and at at least one point in the product circulation route, and wherein the at least one portable reading device is arranged to verify the authenticity of the machine readable product data and thereby verify the authenticity of the product itself.

[0001] This invention relates to a new tax revenue protection andproduct authentication system designed to protect government agencies orbrand owners from losses of tax revenues (particularly excise tax incase of governments) from the effects of product counterfeit, illegalimport of excise-liable goods and cross border trading and also toprotect the consumer from the dangers of consumption of counterfeitproducts (particularly, counterfeit drinks, tobacco, foods,pharmaceuticals, automotive spare parts) or alternatively designed toprotect integrators of complex technical devices such as aircraft parts,computers and electronic devices. This system may also have militarysecurity applications for audits of inventory, etc.

[0002] This invention concerns the production, use, tracking andverification through-out the circulation chain of producer/importer,distributor, retailer of a secure data label or other instrument on aproduct carrying both machine readable data regarding the product andpreferably secure visual means to check for product authenticity using avisual optical security element such as a diffractive optical device ora thin film interference optical device. This label is coupled to aproduct tracking and tracing system for the government agency orcommercial entity employing random data/product inspections throughoutthe circulation chain as a way of using inspection feedback to monitorthe system.

[0003] The problem of loss of government revenue due to productcounterfeit, illegal (gray) import and cross-border trading has reacheda monumental scale. Billions of dollars are lost each year due to thesale of illegal goods, especially excise-liable goods. Excise evasionleads to evasion from income tax and other taxes because in someterritories sales of illegal goods are unrecorded and contribute to theblack market economy. Governments have long attempted to prevent thisintroducing various methods to ensure the legality of the goods. Themost wide spread of these methods is the introduction ofcounterfeit-proof excise stamps (usually sequentially numbered) appliedto every unit of product. This method, however, only partially solvesthe problem because, firstly, excise stamps themselves contain onlyphysical security features without any data verification elements andare therefore liable to counterfeit. Practice shows that most of thetime creating a consumer-passable counterfeit is enough to ensure safesale of illegal or counterfeit product. Such counterfeit is unlikely topass a lab test but such tests are rare and usually performed only whena major source of counterfeit goods is discovered by law enforcementagencies. Secondly, excise stamps are supplied to producers andimporters in a random manner, hardly any database exists that wouldrecord the limited (albeit valuable) information that a traditionalexcise stamp has to offer i.e. sequential numbers and there is noinformation-based system that would describe both the producers andimporters of the product and the product itself and allow to verify thelegality of the product by tracing and verifying its route to the pointof origin.

[0004] Currently various approaches have been used for product security.These include security labelling using anti-counterfeit features such asholograms, diffractive devices, threads or various forms of securityprint to add an authentication label or document to the good containinga difficult to counterfeit public recognition security device. Examplesof such optical diffractive features are known in the art and by usageand specific examples amongst several can also be found in U.S. Pat.Nos. 4,561,41, 5,034,003, WO-A-93/18419, U.S. Pat. Nos. 5694229 and5,483,363. Such labels can also contain a unique number usually addedvia overprint. However, these systems suffer disadvantages. First, theyprovide no tracing of the product through the distribution or retailsystem to protect the supplier against parallel trading. Secondly, theyprovide the consumer with no additional security other than theirrecognition of a public recognition security device and, thirdly, thesecurity of this device against counterfeit or passing off can varydepending on the quality and technology of the device. Also there is nomeans for measuring or monitoring the system other than by activeinspection.

[0005] A further system, as used in the drinks industry, comprisesadding to the valuable items a security label containing both a visualsecurity element for consumer recognition and verification in the formof a diffractive optical device, and also a bar-code pattern containingdescriptive data for use by, for example the product issuing authorityand the selling authority to reconcile and control the sale of product.This system represents an improvement over previous systems because itallows the government agency or the manufacturer to monitor and verifythe sales that are made. However, the verification available to theissuing and inspection authorities or the consumer, e.g. end customer,is disadvantageously limited to the visual recognition of the opticaldiffractive security device.

[0006] Similarly attempts have been made by integrators of complexmechanical and electronic devices to ensure traceability of parts andcomponents supplied to them. However, available means of authenticationused have often failed to ensure the authenticity of such parts andcomponents.

[0007] The present invention seeks to provide for a productauthentication system and method having an advantage over known systemsand methods.

[0008] According to one aspect of the current invention there is aprovided product verification system for use with products arranged topass along a distribution route, consisting of for example a commercialconsumer distribution route or business-to-business circulation, andincluding machine readable product data, and comprising product datastorage means for storing data corresponding to the machine readableproduct data applied to the products, and at least one, preferablyintelligent, e.g. programmable, portable reading, (and preferablyprocessing and storing) device arranged for accessing the machinereadable product data at a point along the distribution route andpreferably programmed with an algorithm allowing the verification of theauthenticity of such product data and storage of the results of theverification process and preferably arranged to download the results ofthe generally multiple verification processes into the product datastorage means and generating report files. In a preferred embodiment theverification process is carried out randomly on a portion of theproducts and can be in on embodiment carried out according to apredetermined or automatically generated (e.g. sequence of randomchecks) inspection protocol and the results of the inspection are storedand communicated to the authorities for verification and enforcement.

[0009] In an alternative embodiment of the current invention, there isprovided a product verification system for use with products arranged topass along a commercial consumer distribution route or business tobusiness circulation and including machine readable product data, andcomprising data storage means for storing data corresponding to themachine readable product data applied to the products, and at least oneportable reading device arranged for accessing the machine readableproduct data at a point along the distribution route and to verify theauthenticity of such product data via establishing a connection withproduct data storage means and comparing product data applied to theproducts with corresponding product data sourced from such product datastorage means.

[0010] In a preferred embodiment of the current invention there isprovided label means upon which machine readable product data isprovided. The label means can be applied to each product unit and/or thepackaging of each product unit. Alternatively the label means can beapplied to the packaging of batches of product units. Advantageously thelabel means can comprise a security label which is arranged to bedestroyed when tampered with or when the product is unwrapped. Thesecurity label does not have to be totally destroyed when tampered withbut rather can be arranged to reveal that tampering has taken place.

[0011] The machine readable product data can be applied to at least oneof individual product units, the label means, the packaging ofindividual product units or the packaging of batches of products usingany one of, or any combination of, thermal transfer, inkjetting, digitalprinting processes, mechanical engraving, laser engraving andtraditional printing techniques. It is to be understood, however, thatthis list is not exhaustive and that the current invention is not to belimited to these techniques of applying machine readable product data tothe product, label means or packaging.

[0012] In another embodiment a visual security device is incorporatedinto the system. The visual security device can comprise, but is notlimited to, at least one of a diffractive optical device, a holographicdevice, a thin film interference device, a security print, water markedpaper, threaded paper, windowed threaded paper, or security print paper.In a further embodiment the optical security device includes hiddensecurity features. The hidden security features can comprise, but is notlimited to, at least one of fluorescent images, diffractive images,microtexts or microimages. In one preferential embodiment the printelement of the label will contain at least one feature ‘digitallywatermarked’ (as detailed below by repetitively altering the edge pixelpattern) preferentially designed such that the feature is destroyed byscanning or copying. In a preferred embodiment the visual securitydevice is a diffractive or holographic device consisting of a surfacerelief diffractive structure.

[0013] In one embodiment the visual security device is incorporated intoa label means containing machine readable product data. The label meansmay then be applied to individual product units, the packaging ofindividual product units or the packaging of batches of product units.In an alternative embodiment the visual security device is applied toeach product unit by embossing or engraving.

[0014] Advantageously in one embodiment the visual security device isarranged to be machine readable. Several forms of machine readabilityare possible. One method would be to use an array of point diffractiongratings each diffracting in a different direction matched to a readerconsisting of a diode laser or similar illumination device and severaldiscrete detectors or a CCD detector for detecting the array of outputspots which can then be decoded.

[0015] Another preferred form of machine readable device incorporatedwithin a hologram is to incorporate a small diffractive version of a barcode, preferentially a 2D bidirectional bar code (e.g. PDF-417 format)into a portion of the holographic or diffractive image. This wouldprovide a forensically authenticatable machine readable feature. In apreferred embodiment a small are of a security diffractive orholographic image scale size 1×1 mm up to 5×5 mm would contain amicroscopically reduced version of a 2D PDF bar code recorded as eithera set of diffractive or white diffusive areas mixed with non recordedareas to provide the black and white coding. Each pixel would besignificantly smaller than those normally read by PDF bar codes andwould typically be of a size less than the normal resolution of thehuman eye i.e. typically less than 250 micron, typical pixel size around25 to 100 micron. The bar code accuracy would rely on the highresolution of holographic and diffractive recording processes—apreferential recording process would be the direct writing of thepattern by electron beam lithography as known in the art. A preferentialform of the pixels would be as matt white scattering structures ofrandom microscopic form, although diffractive and diffraction gratingstructures could also be used. The machine readable structure could alsobe concealed within another visual part of-the image. Typically thestructure of the machine readable pattern would not be visible by eyebut could be used to verify the authenticity of a diffractive securitydevice by a forensic verification process comprising recording anenlarged view of the machine verifiable feature using an opticalmicroscope and printing out an enlarged version of the PDF bar code on adigital or photographic printer or similar, then reading the recordedenlarged bar code on a conventional 2D bar code reader to check that thebar code is both readable and contains the correct data. Optionally aspecial bar code scanner could be used that reconstructed an enlargedimage of the diffractive 2D bar code on an image sensitive device asused in a typical scanner to decode the bar code. The forensic routeusing optical microscopy offers a useful opportunity to edge enhance byimage processing the image captured to increase the accuracy of bar codedecoding. Usefully this covert bar code would contain specialinformation about the system or the security diffractive device,optionally encrypted to make back engineering very difficult andoptionally linked to the encrypted features in the bar codes recorded onthe items.

[0016] Preferably the machine readable product data is in the format ofa barcode. Further, the bar-code format can be a bi-dimensional format.In another embodiment the machine readable product data is encrypted.Advantageously asymmetric or dynamic key encryption algorithms can beused to encrypt the machine readable product data.

[0017] In yet another embodiment the system comprises a productidentification reference. The product identification reference can bearranged to identify corresponding product data stored in the productdata storage means.

[0018] In yet another embodiment the machine readable product data is‘digitally watermarked’—a particularly useful way to achieve thisinvolves slightly and characteristically altering certain parts of the2D bar code such that the code remains readable but also containscertain second order information. Generally the second order informationwould be contained in the edge of each bar code pixel which wouldcontain instead of a sharp edge one or two small grey scale pixels onone or both edges whose repetitive nature or other coding formed ahidden code or characteristic of that particular code (a ‘digitalwatermark’). A particularly preferred position to locate such pixelswould be in the border or start/stop bars incorporated at each edge ofthe code where the additional second order marking is less likely todegrade the reading of the code information. This marking would serve asa way of securing the source of each bar code. For example, eachapplication or group of applications could have a different digitalwatermark or each printer or group of printers for an application couldbe so encoded. A useful way to write such a bar code would be using a socalled digital print engine, which could reproduce each bar code using adifferent digital watermark. Preferentially a digital printer would workfrom a custom symbol library for any particular bar code for anyparticular application—so for example there could exist a library ofcustom 2D bar code symbols each corresponding to a slightly differentedge pattern on the pixels or guard bars which could be used for anyparticular application or particular encoding required. Anotherpreferential route for production would be to alter the print driver ofa thermal print engine when used for security applications such thateach 2D code contained a particular additional encoding over-laying themain encoding. A useful way to detect such encoding would be to scan thebar code into a commercially available software, programme, such asAdobe Photoshop, and use some custom code written with this programme todecode the particular hidden code within the bar code. A preferentialand more straightforward way to decode such ‘digital watermarks’ in barcodes would be to compare the scanned bar code against an ideal blackand white pure edge bar code which would rapidly by difference revealany edge encoding on edge pixels of the image. This could be donerelatively straightforwardly with some custom software which aftercomparison then detects the repetitive pattern in the edge pixels andthen detects the repetitive code (e.g. binary pattern) stored therein.The additional coding would not only protect against counterfeit toallow an additional level of verification but would preferably also beconstructed in such a way that the additional code was degraded beyondrecognition by copying or scanning to evidence counterfeit or attemptedcounterfeit by copying or scanning. This would then provide additionalevidence of counterfeit and protection against the same. An example ofone way of forming such a code is shown in FIG. 5. Optionally some ofthe fixed printed information in a document would also contain suchadditional protection which would optionally be linked into the digitalwatermark applied to the 2d bar code. This technique could also be usedas a way of digitally watermarking line graphic print as used forsecurity print by adding additional information to the edges of the lineor block areas.

[0019] In a further embodiment the comparison between the machinereadable product data and the product data stored in the product datastorage means is performed automatically. Access to the product datastored in the product data storage means can be arranged to be secure toprevent unauthorised access. Additionally, the machine readable productdata can also be compared with the product itself to identify anydiscrepancies between the actual physical product and the description inthe machine readable product data. In a preferred embodiment thesechecks are random and are performed on a portion of the products. In apreferred embodiment the verification process is carried out randomly ona portion of the products and can be in one embodiment carried outaccording to a predetermined or automatically generated (e.g. sequenceof random checks) inspection protocol and the results of the inspectionare stored and communicated to the authorities for verification andenforcement. This is advantageous to ensure complete independence of thesystem against internal corruption within the portions of theauthenticating body.

[0020] The product verification system can also be arranged to beintegrated into a warehousing system.

[0021] According to a second aspect of the current invention there isprovided a method of verifying products with machine readable productdata arranged to pass along a distribution route and comprising thesteps of inputting the product data into a product data storage system;applying the machine readable product data to each product unit; readingthe machine readable product data with a portable reading device atleast one point in the product distribution route; verifying theauthenticity of such product data using a pre-programmed intelligentreading, processing and storing device or using a simpler reading deviceto communicate with the product data storage means in order to comparethe received product data from the product with product data of theproduct data storage system for verification purposes; and downloadingthe results of the verification.

[0022] Preferably the method of verifying products includes theadditional step of applying a visual security device to the product.Preferably the visual security device is a diffractive or holographicdevice, preferably a surface relief structure with tamper evidentproperties.

[0023] The method of verifying products can include the additional stepof inspecting the visual security device applied to the product. In onepreferred embodiment the verification actions occur for a portion of theproducts selected randomly.

[0024] Alternatively the method of verifying products includes theadditional step of inspecting the visual security device with a readingdevice.

[0025] Advantageously the method of verifying products includes theadditional step of including hidden security features in the visualsecurity device.

[0026] The method of verifying products can include the additional stepof inspecting the hidden security features in the visual securitydevice.

[0027] Preferably the method of verifying products includes theadditional step of comparing the product itself with the machinereadable product data. Preferably this step is carried out by theinspecting authority randomly according to a pre-determined or randomlydetermined inspection routine.

[0028] Favourably the method of verifying products includes theadditional step of comparing machine readable product data and/orproduct data stored in the product data storage means and/or the productitself with other documentation.

[0029] According to another aspect of the current invention there is aproduct data storage system arranged to store data corresponding tomachine readable data elements associated with products, and arranged tobe accessed by at least one reading device for the retrieval of productdata stored in the storage system and to allow for modification of theproduct data by the at least one reading device.

[0030] This invention concerns the production, use, tracking andverification through-out the distributor, retail and consumer chain of asecure data label or other instrument on a product carrying both machinereadable data regarding the product and preferably secure visual meansto check for product authenticity using a visual optical securityelement such as a diffractive optical device or a thin film interferenceoptical device. This label is coupled to a product tracking and tracingsystem for the enforcement or issuing agency and where certain aspectsof which can be accessed by the inspection entities during randominspections via a link or when inspection protocols are generatedaccording to a predetermined or random system where the database isaccessed and part of the information down-loaded to a (preferentiallyhand held) inspection device used during an inspection, where theinspected product data is compared against the genuine product dataobtained from the database to detect any discrepancies and the genuineand comparison data is then communicated back to the database or theproduct issuing or enforcement agency or both to generate a result ofthe inspection procedure. The results of the inspection procedure andcomparisons can also be generated real time during the inspectionprocess itself. This provides a way of using occasional inspectionfeedback to monitor and enforce the correct operation of the system.

[0031] This invention also relates to a product anti-counterfeiting andauthentication system and related method.

[0032] The problem of counterfeit of high value goods or health orsafety critical goods is becoming an increasing menace due to theproliferation of manufacturing technologies which enables fake goods orprint to be readily counterfeit to a standard of finish and packagingthat can readily deceive consumers. Examples of product items at riskinclude high value consumer goods such as fashion goods and watches,beverages, health critical pharmaceuticals, safety critical items suchas spare parts for aircraft or vehicles, computer software and certaingovernment or official documents. Brand owners, for example producers ofhigh-value branded consumer products or producers of safety or healthcritical products, can suffer from product counterfeit, illegalimportation and cross-border trading resulting in reduced revenuestreams for such brand owners, damage to brand reputation andpotentially substantial legal liabilities for damage caused by faultygoods.

[0033] Consumers also suffer from the unknowing purchase of sub-standardcounterfeit products both for personal reasons in paying for asub-standard non-genuine product with reduced quality and benefits andalso in some cases for personal health and safety reasons such as in thepurchase and use of counterfeit medicines, pharmaceuticals, orcounterfeit spare parts. Such aforementioned consumers also include endusers or installers who wish to verify the authenticity of theirproducts such as doctors and hospitals for pharmaceuticals, aircraftmaintenance companies and airlines for aircraft spare parts, motorcommercial vehicle spare parts, computer spare parts and generally anyitem of value with a critical or important function where it is usefulto guarantee or verify the authenticity and standards of performance.Also, the term product is intended to cover all possibleitems/activities of commerce and including services and know-how.

[0034] The present invention seeks to provide for a productauthentication system and method having an advantage over known systemsand methods.

[0035] According to one aspect of this invention a productauthentication system for use with products including secure machinereadable product data preferably in some cases provided in the form of alabel carrying the machine readable data and an optical diffractionbased visual security device for securitisation and visualauthentication, and comprising a product data storage means, a pluralityof reading devices for reading said secure machine readable productdata, communication link means between said reading devices and saidproduct data storage means, wherein the reading devices are adapted toread the machine readable product data on products remotely from theproduct data storage system and communicate said product data to saidproduct data storage system via the communication link means tofacilitate comparison of the product data on the product with productdata in the product data storage system and to enable modification ofthe data in the product data storage system for each unit or batch ofproduct, and including means for accessing the modified data so as toidentify the manner in which the data was modified by input from thereading devices and so identify the passage of a unit of product via asuccession of reading devices.

[0036] In preferred embodiments the reading devices would be usedthrough the product distribution chain for tracking and authenticatingthe product up to the point of sale by a retailer to an end customer orsupply to an end commercial customer. In preferred embodiments the endcustomer would be able to access the database, possibly to limitedcontrolled extent possibly by use of an internet web site, to verify theauthenticity and product distribution route data of their particularproduct. This would provide not only visual authentication andverification of genuineness for the end customer by, in a preferredembodiment, visual verification of the authenticity of a diffractiveoptical security device on the label but also on-line verification forthe end customer via the database access of product authenticity. Inpreferred embodiments the end user would characterise the product forthe database using a number generated at the point of sale on forexample a purchase receipt or advantageously by use of a visual numberincorporated on the product label. This would thus provide total visualauthentication and traceability authentication for a product not justdown the supplier distribution chain but also additionally for the endconsumer or user.

[0037] In a preferred embodiment the means for labelling the productswith secure machine readable product data generates a label which isattached to the product which in a preferred embodiment also carries avisual diffractive optical security device for public recognition with afunction to provide security for the machine readable data againstunauthorised copying and also to secure the product against illegalcopying. The label is attached to each product unit, preferably with asuitable adhesive, and/or can be attached to the packaging of eachproduct unit or a batch of products. In a preferred but not limitingembodiment the label is arranged to be tamper proof such that when thelabel is interfered with it is obvious upon visual inspection that anattempt has been made to remove the label. In one such embodiment thelabel is arranged to be irreparable upon tampering to prevent alterationand reuse.

[0038] In a preferred embodiment visual security devices areincorporated into the product authentication system preferablyincorporated in the label and preferably in the form of diffractive orholographic security devices designed to provide a visual image by theprocess of diffraction for visual public recognition purposes. This isto provide a visual public recognition authentication and securitydevice in addition to the machine readable verifiable device to providea secure visual method of authentication to all parties along thedistribution chain including the customer to prevent illegal copying ofthe labels. At least one visual security device is attached to eachproduct unit or the packaging for each product unit, and in thepreferred embodiment the diffractive visual security device isintegrated into the same label as the machine readable data to securethe data and provide a public recognition security device to verify itsauthenticity to prevent illegal copying and illegal duplication of codeddata. An alternative form of optical security device could include anoptical security device based on thin film optical effects. The visualsecurity devices can also be applied to the packaging of a batch ofproducts. The visual security devices may be preferably a visualsecurity device based on the process of optical diffraction such as adiffraction grating based device (e.g. ‘kinegram’, ‘exelgram’) as knownin the art or a security hologram, as known in the art) which is aparticularly advantageous class of device for high security and a highdegree of public recognition. Other known print security devices may beintegrated with this primary device or alternatively, although notpreferentially used to provide the first line of visual security. Theseanticipated secondary devices include the security print basedtechniques of watermarked paper, threaded paper, windowed threaded paperor security print paper. It is to be understood however that this is anon-exhaustive list and that the current invention is not restricted tothese types of security devices.

[0039] In the preferred embodiment of this invention the visualdiffractive security device is incorporated into the label generated bythe means for labelling products with machine readable product data inorder to secure the machine readable data against unauthorised copyingand reproduction, to provide both a visual security device and a machinereadable potentially uniquely encoded security device within the samelabel, such that the visual security device protects both the productand the machine readable data from unauthorised duplication and passingoff.

[0040] A security data carrier label is normally applied onto every unitof product. The product data can be unique or batch numbered or coded asappropriate. The security data carrier includes a diffractionanti-counterfeit element comprising a surface grating or holographicgrating generating an optical diffraction effect (hologram) and/or otherphysical security elements such as security print, watermarked paper,threaded paper, window thread paper, security print paper.

[0041] In another advantageous and preferred embodiment of thisinvention a visual human readable product identification number can beincluded in the product data applied to each product unit. This numbercan later be used by the end consumer when, for example, accessing theproduct database over an Internet connection to obtain tracing data forthe product. Alternatively in a simpler form of the invention thetracing number could be generated and issued to the end customer at thepoint of sale for use in interrogating the product database to ascertainauthenticity.

[0042] Preferably the identification number, or at least part of this,is applied to the label carrying the machine readable data andadvantageously is applied to this indelibly and preferentially isapplied indelibly to the optical diffraction visual security element inorder to protect the product identification number from alteration. Anadvantageous method of achieving this would be by a variable chemicaldemetallisation process or by, for example, a laser ablation baseddemetallisation process. This number could also be applied to theproduct itself and could also be applied to the product indelibly.

[0043] By these means in a preferred embodiment of this invention asingle tracking label applied to an article provides a securediffraction based visual security device for product and labelauthentication and protection against counterfeit, a machine readableportion preferably a bar code (possibly 1-D or of the 2-D high densityformat such as PDF-417) carrying product authentication and trackingdata potentially unique or batched, for example, and in one alternativeembodiment a visual number for use by the end user when accessing thedatabase to ascertain the product history and authenticity.

[0044] In one possible alternative embodiment the diffractive devicecould also contain highly secure machine readable diffractive datamatched to specialised readers for use by some or all read stationssuitably equipped. This would be for additional secure data storage andverification, or possibly to allow access to additional secure fields ofdata within the machine readable portion of the code to add additionalsecurity and functionality.

[0045] Particularly useful applications of a whole product secureauthentication and tracking system containing both visual securityelements, tamper proof qualities and secure machine readable elementswhere the system is designed to allow the end user to verify the productwould be in the protection of high value luxury goods or spirits againstcounterfeit or diversion, the protection of high value or health andsafety critical goods such as pharmaceuticals or critical computer ormechanical parts (e.g. aeronautics) against counterfeit and diversion.

[0046] Other embodiments of the product identification system utilisedifferent means for encoding preferably labels and optionally productswith machine readable product identification data. One such approach isto use a thermal transfer device. Alternative approaches to encodingproducts with machine readable product identification data includeinkjet printers, laser printers, digital printing systems, etchingsystems, embossing systems or engraving systems. It is to be understoodthat these techniques are indicated only as examples and that thecurrent invention is not limited to these particular techniques.

[0047] Preferably the communication link facilitates electronic datatransactions. The communication link can be physical such as thehardwired telephone network, and can include internet connections, orcan be wireless incorporating transceiver means.

[0048] In a further embodiment the interface to the computerised productdata storage system incorporates security means. In one instance thesecurity means comprises encryption algorithms. The interface, forexample a web site for access by a standard web browser, is used bycustomers who have purchased a product with product source data toaccess the computerised product data storage system to verify theproduct distribution route data contained within the computerisedproduct data storage system for the purposes of authenticating thepurchased product. Alternatively the interface could consist of adedicated system. The security means ensures that only authorisedpersons, such as the customer, can gain access to the data stored in thecomputerised product data storage system. Access can also be restrictedto data pertaining to the specific purchased product or some othersubset of the data stored in the computerised product data storagesystem. A restriction to read only can also be placed on the interface.

[0049] Advantageously in one embodiment the machine readable productidentification data applied to the product is in the format of abar-code. In another embodiment it is in the format of a bi-dimensionalbar-code. The machine readable product identification data can also beencrypted. In one instance dynamic key encryption algorithms are used toconvert product identification data into bar-code format.

[0050] In another embodiment machine readable product identificationdata is incorporated into the visual security devices.

[0051] According to another aspect of the invention a method of productauthentication for products with machine readable product datacomprising the steps of inputting the product identification data into aproduct data storage system; reading the product identification data ofthe product with a reading device at least one inspection point withinthe product distribution chain; communicating the product identificationdata read by the reading device to the product data storage system via acommunication link; comparing the received product identification datafrom the reading device with the product data stored in the product datastorage system for authentication purposes and modifying the productdistribution route data in the product data storage system, and allowingfor access to the modified data so as to confirm the manner in which thedata was modified at the said at least one inspection point.

[0052] Preferably, the method includes the step of labelling productswith visual security devices.

[0053] The method can include the step of authenticating the product atthe visual inspection point(s) by the visual security devices.

[0054] The method can include the step of accessing the computer productdata storage system via an interface to verify data.

[0055] The method can also allow for verification of, for example, acode or number carried on security label or generated at last point ofreading by machine reading device, for example at point of purchase.

[0056] According to another aspect of the invention there is provided aproduct data storage system arranged to store data corresponding tosecure machine readable data elements associated with products, andarranged to allow for serial modification of the said data by means ofinteraction with respective series of reading devices, and arranged toallow for later, preferably limited, access to the modified data by anend customer or consumer so as to confirm the manner in which theoriginal data was modified interaction with each of the said readingdevices so as to allow the end customer to confirm the genuineness ofthe product. Said confirmation step is preferably carried outindependently of any reading device by the end customer or consumeraccessing the database by, for example, a web site and inputting anumber or code or other data associated with the product or its point ofpurchase, such code to be optionally generated at point of purchase orpreferably to refer to be visual readable code or number also carried bythe secure product label that visual number optionally carried in asecure indelible way.

[0057] This invention concerns the production, use, tracking andverification throughout the distributor, retail and consumer chain of asecure data label or other instrument on a product carrying both machinereadable data regarding the product and preferably secure visual meansto check for product authenticity using a visual optical securityelement preferably such as a diffractive optical device or a thin filminterference optical device. This label is coupled to a product trackingand tracing system for the manufacturer or brand owner and where certainaspects of which can be accessed by the end consumer via an internetsite as a check for authenticity for the consumer and as a way of usingconsumer feedback to monitor the system.

[0058] In order that the invention may be clearly understood and readilycarried into effect some preferred embodiments thereof will now bedescribed, by way of example only, with reference to the accompanyingdrawings, in which:

[0059]FIG. 1—is block diagram representing a product verification systemaccording to one embodiment of the current invention;

[0060]FIG. 2—illustrates product data applied to a product/productpackaging according to one embodiment of the current invention;

[0061]FIG. 3—illustrates product data and a visual security deviceapplied to a product/product packaging by means of a security labelaccording to one embodiment of the current invention.

[0062]FIG. 4—illustrates the operation of a forensic machine readablediffractive device according to an embodiment of a particular apect ofthe present invention;

[0063]FIG. 5—illustrates a digital watermark according to an embodimentof another particular aspect of the invention;

[0064]FIG. 6—is block diagram representing a product authenticationsystem according to one embodiment of the current invention;

[0065]FIG. 7—illustrates product data applied to the product accordingto one embodiment of the current invention; and

[0066]FIG. 8—illustrates product data and a visual security deviceapplied to a product by means of a security label according to oneembodiment of the current invention.

[0067] In FIG. 1 there is illustrated the source of, for example abranded product and identified as the producer 1 importer 1, anadministrator 2, a database 3, a plurality of potential inspectionpoints 4 in a distribution route identified as distributors (1 . . . n),a point of sale 5, a customer 6, an inspector 7 equipped with a portablereading device (not shown) and a generally temporary communication link8 between the portable reading device and the database 3 through whichthe result of the inspection conducted by the portable reading device ona portion of the products in circulation preferably according to apredetermined or random protocol generated by the system or inspectionagency can be downloaded or data can be down loaded from the databasebefore inspection.

[0068] The producer/importer 1 is the business entity responsible forintroduction of a product into circulation or the distribution route.The administrator 2 is an entity authorised by a regulator to operateand maintain the system, or can be the regulator itself, wherein theregulator is a government executive body such as the tax inspectorate orsecurity responsible body or an integrator of complex mechanical orelectronic devices. The database 3 is a data storage system arranged toreceive, store and possibly update product data and is administered bythe administrator 2. Distributors are participants in the commercialcirculation of a product and the route of the product from theproducer/importer 1 through all of the distributors that handle theproduct to the point of sale 5 to the customer 6, defines thedistribution route. The inspector 7 is the agent acting on behalf of theregulator who inspects the products at at least one inspection point 4anywhere in the distribution route. The inspection may take place at thepremises of a particular distributor or the producer/importer 1 of aproduct, or during transit between distributors or holding facilities,or at the point of sale 5 to the customer 6.

[0069]FIG. 2 illustrates a product 9 with product data 12 comprising amachine readable component 10 and a reference code 11.

[0070] In the embodiment illustrated in FIG. 2 the product data 12 areapplied directly onto individual product units 9 and/or the packaging ofindividual product units 9 and/or the packaging of batches of theproduct 9. The machine readable product data 10 is in the form of abar-code and the reference code 11 is in the form of an alphanumericcode. The product data recorded in the bar-code 10 can relatespecifically to the goods on which it is applied so, for example, thevolume of spirits contained in bottles may be recorded, or the type ofspirit. The product data recorded in the machine readable product data10 can also include the alphanumeric code. The product data can alsocontain an additional digital watermark, as described above, toadditionally verify the product data and its origin.

[0071]FIG. 3 illustrates a product 9 with product data 12 comprising amachine readable component 10 and a reference code 11, wherein theproduct data 12 are applied to a label 13. The label can be attached toindividual product units 9 and/or the packaging of individual productunits 9 and/or the packaging of batches of the product 9. Also appliedto label 13 is an optical security device 14. The machine readableproduct data 10 is in the form of a bar-code and the reference code 11is in the form of an alphanumeric code.

[0072] The operation of one embodiment of the invention will now bedescribed. A producer/importer 1 applies to an administrator 2 for issueof labels 13 for the number of units of a product 9 that he intends tobe introduced into a particular territory. The labels 13 are generatedby the administrator 2 and contain product data 12 comprising a bar-code10 and an alphanumeric reference code 11. Corresponding product data tothat applied to the labels 13 is stored in a database 3. The labels 13are supplied to the producer/importer 1 who attaches them to each unitof a product 9. The product 9 is then released into commercialcirculation, eventually reaching a customer 6 via the distributionroute. In case of integrator for complex mechanical or electronicdevices acting as regulator, such regulator also acts as the customer 6.

[0073] At at least one inspection point 4 in the distribution route,which is preferably selected at random, an inspector 7 inspects at leastone product unit 9 and its corresponding product data 12. The inspectioncan take place anywhere in the distribution route from the place ofmanufacture/import into the territory, any intermediate holding orstorage facility, the premises of any distributor, when in transit inthe territory or at the point of sale 5 to the customer 6. The inspector7 may make a plurality of inspections at different inspection points 4,on a portion of the products in the distribution route or revisit thesite 4 of an earlier inspection to carry out further checks.

[0074] The inspector 7 is equipped with a portable reading device (notshown) which is arranged to read the machine readable product data 10which, in this embodiment, is in the form of a bar-code.

[0075] In one embodiment of the current invention the intelligentreading device is pre-programmed to verify the authenticity of theproduct data without communication to the database 3. In this case theproduct data is converted into the bar-code 10 in such a way that itsretrieval is only possible by using such preprogrammed intelligentreading device. The inspector 7 may be prompted by the reading device toinput the alphanumeric reference code 11 in ordere to verify it againstthe reference list of alphanumeric codes contained in the memory of thereading device. If such verification is successful, the reading deviceenables bar code reading mode. The inspector 7 uses the portable readingdevice to read the bar code 10. Correct reading of the bar code is fullydependent on conversion algorithm and the reading will fail if the label13 is counterfeit and the conversion algorithm used to print the barcode is incorrect. If the reading is successful, the data stored in thebar code 10 is displayed to the inspector 7 who can compare the datavisually with the product 9 to see if, for example, the spirit bottlresare 0.5 cl and contain whiskey. The inspector 7 can also check theproduct data against other commercial documentation. Yet another checkis the comparison of the alphanumeric code 11 against the alphanumericcodee in the machine readable product data 10.

[0076] In an alternative embodiment of the current invention theportable reading device can also temporarily communicably connected tothe database 3 via communication link means 8, for example a cellulartelecommunication link or hardwire link. The inspector 7 uses theportable reading device to read the barcode 10. The inspector 7 can usethe alphanumeric reference code 11 to retrieve product data stored inthe database 3 corresponding to the machine readable product data 10 onthe label 13, via communication link means 8. A comparison can be madebetween the product data stored in the database 3 visually with theproduct 9. A further comparison can be made between the product datastored in the database 3 and the machine readable product data 10. Thisfurther comparison can be made with at lease a portion of the data inthe database 3 having been uploaded to the portable device forcomparison purposes. The inspector 7 can also check the product dataagainst other commercial documentation. Yet another check is thecomparison of the alphanumeric code 11 against the alphanumeric code inthe machine readable product data 10. Yet another check would be tocheck digital watermark data in the bar codes and to check machinereadable data within the visual device as a second line of forensicfeatures to check genuiness of product data in more detail.

[0077] The inspector 7 can use the portable reading device to update thedatabase 3 with the inspection results or other data.

[0078] As mentioned the machine readable product data 10 can be in theform of a bar-code. The bar-code can be in the format of a linearbar-code or in the format of more sophisticated devices such as thePDF-417 bi-dimensional barcode. The machine readable product data 10 canalso be in an encrypted format. One such technique is to encrypt thedata using asymmetric or dynamic key encryption algorithms. Thisprevents unauthorised retrieval of data from the barcode withnon-specialised commercial bar-code scanners and prevents creation ofcounterfeit bar codes which can easily be detected because they use adifferent conversion algorithm. Another technique is to encode digitalwatermark data into small elements of the bar code for forensic use asdescribed above or to check the machine readable data stored within thediffractive structure.

[0079] The machine readable product data 10 can be applied to a label 13which in turn is applied to the product 9 or its packaging. In thisembodiment the machine readable product data 10 can be applied to thelabel 13 using any one of, or any combination of, thermal transfer,inkjetting, digital printing processes, mechanical engraving, laserengraving and traditional printing techniques. The label 13 can beapplied to products automatically, by machines for example, or manually.Alternatively the machine readable product data 10 can be applieddirectly to the product 9. In this embodiment the machine readableproduct data 10 can be applied to the product 9 by a variety oftechniques such as embossing, mechanical engraving, laser engraving,printing.

[0080] The label 13 can be arranged to be destroyed if tampered with orif an attempt is made to remove it from a product 9 or when the product9 is unwrapped. The label 13 does not have to be totally destroyed butrather can be arranged to indicate that tampering has taken place.

[0081] In another embodiment an optical security device 14 (see FIG. 3)can be applied to the label 13 or the product 9 directly. This providesa means of visual verification and helps to prevent illegal copying. Theoptical security device 14 can comprise any one of, or any combinationof, a diffractive optical device, a holographic device, a kinegram, athin film interference device, security print workings potentiallyincluding digital watermarks, water marked paper, threaded paper,windowed threaded paper, or security print paper. This is annonexhaustive list of the type optical security devices 14 that can beused. The preferred visual security devices anticipated are diffractiveas these have a high degree of public recognition value and a highdegree of counterfeit resistance.

[0082] The optical security device 10 can be arranged to be verifiedusing instruments means (not shown) and/or visually. Instrumentverification comprises the assessment of the presence and quality ofhidden optical security features such as UV fluorescent images, hiddendiffractive images, micro-texts and micro-images using such instrumentsas UV lamps, laser detectors, magnifying glasses. Visual verificationcomprises visual assessment of the presence and quality of features suchas depth, colour shifts and kinetic effects. The optical security device14 can also be arranged to store machine readable product data 10 in asuitable format.

[0083] The inclusion of optical security devices 10 provides a furtherform of inspection for the inspector 7 to conduct. During an inspectionthe inspector 7 can visually verify the optical security device 14and/or verify the optical security device instrumentally.

[0084] The product data stored in the database 3 may be encrypted andaccess to the database 3 can be made secure, for example, by usingpasswords and security protocols such as SSL.

[0085] Reading device (not shown) can be arranged to automaticallycompare the machine readable product data 10 with the product dataretrieved from the database 3 to verify the product 9 at the inspectionpoint 4.

[0086] Applications can be made to the administrator 2 either indocumentary format, on-line via the internet, for example, or on-lineusing secure connections.

[0087] Additionally, the system can be integrated in theProducer's/Importer's 1 warehousing system enabling search and movementcontrol functions for the product 9 at such a warehouse. Communicationis possible between the respective warehousing database and the database3. Such a warehousing system is likely to use radio-frequency devices.

[0088] The communication link means 8 can include a modem in conjunctionwith commercial mobile telecommunications equipment, a custom dedicatedmobile telecommunications system, the hardwired (or optical fibre)telephone network, the internet, or other available means.

[0089] Retrieval of machine readable product data 10 from the label 13using a reading device is an important procedure. Failure to retrievemachine readable product data 10 in valid form can be an indication ofpossible counterfeit.

[0090] Cross-checking of machine readable product data 10 againstcommercial documents relates to verification of machine readable productdata 10 data elements describing the producer/importer 1 i.e. the originof the product 9 against invoices, bills of lading, certificates andother commercial documents at the inspection point 4 which documentsrefer of a certain product route supposed to be originating at the samepoint of origin. For example, if an invoice, bill of lading orcertificate shows that the product 9 was supplied by X originated at Y,and the machine readable product data 10 shows Z as theproducer/importer 1, this may be an indication of illegal commercialtransactions.

[0091] Updating and cross-checking the database 3 can be performedoff-line after a series of inspections the result of which are stored inreading devices memory. This approach is facilitates verification of theinspection results against the product data stored in the database 3,and creation of a separate bank of data with inspection results forfuture reference. Alternatively, updating and cross-checking thedatabase 3 can be performed on-line by way of establishing a connection,preferably a secure connection, between a reading device and thedatabase 3 at the inspection point 4 via communication link means 8.

[0092] Generating the protocol of inspection is intended to excludenegligence or corruption of the Inspector by way of verifying therecorded results of inspections which revealed potentially illegalproduct 9 against actions taken and/or reported by the inspector 7 inevery particular case.

[0093]FIG. 4 illustrates the operation of a forensic machine readablediffractive device according to an embodiment of the invention and asdiscussed above. A security diffractive or holographic device (19)displays a diffractive image (20) for visual authentication and alsocontains a small area (scale size 1 mm) containing forensic featureconsisting or small areas (beneath visual resolution) of diffractive ormatt scattering structure which therefore undetectable by the eye. Thewhole device appears as a small square featureless or matt area. Toauthenticate the device, and enlarged picture (23) is obtained of thestructure using for example an optical microscope (22), which can thenbe scanned by a 2D bar code reader (24) to authenticate the device.Optionally the 2D bar code in the forensic diffractive feature isencrypted.

[0094]FIG. 5 illustrates an area (29) containing machine readable datacontaining primary data in the form of a 1D or 2D bar code (30)containing a secondary code or digital watermark in the form of a verysmall repetitive binary or pixel pattern along the edge of the main datablocks (33,34) shown schematically and enlarged by around 100 times(35). A particularly useful area to incorporate these additionalforensic codes is in the edge guard bars (31) and the enlargement (35)shows a portion of these guard bars showing a microscopic repetitivepixel pattern forming the digital watermark for the bar code (33,34)which can be revealed upon scanning and image processing the image usinga standard package such as Adobe Photoshop.

[0095] In FIG. 6 there is illustrated the source of, for example, abranded product and identified as an owner 11, an administrator 12, adatabase 13, a plurality of inspection points 14 in a distribution chainwhich stretches from the owner 11 to an end customer 17, an inspectionpoint 16 at the point of sale of the product to the customer 17,communication links 15 connecting each of respective reading devices(not shown) provided at each of the inspection points 14 to the database13, and an interface 8 to the database 13. The interface 18 isillustrated as a web site which facilitates two way data transactionsbetween the customer 17 and the database 13.

[0096] As mentioned, the owner 11 is the brand owner of the product andthe controlling authority of the product authentication system. In theillustrated example, the administrator 12 is an entity authorised tooperate and maintain the system. The administrator 12 can be the sameentity as the owner 11 or alternatively can comprise an entity having anauthorised computer programmed to input product data into the database13 and programmed to control the information transactions between thereading devices at the inspection points 14 and the database 13.

[0097] The owner 11 and/or the administrator 12 are responsible forencoding products 19 with secure product identification data 112 oneither individual product 19 or product packaging as appropriate (seeFIGS. 7 and 8). Product data 112 is a combination of encoded productidentification data 110 and a product identification number 111 and inone embodiment a secure visual diffractive device to provide visualauthentication and to protect against unauthorised copying andduplication of these labels. The product 19 can be any product which canreceive or which can be adapted to receive product data 112 on itself oron its packaging, optionally via an applied label. The productauthentication system could thus be used in a wide variety ofindustries. Secure product identification data 112 can be applied toeach individual unit and/or the packaging of the product 19 or can beapplied to the packaging of batches of product 19. The identificationdata describes the product and can identify the unit or consignment, theentities or owners that introduced the product into commercialcirculation and the place of origin.

[0098] The security label carrying the product identification number 111is displayed on the product 19 with the machine readable identificationdata and with the visual diffractive security device (to securitise bothand allow the label to be visually verified as genuine) which is alsodisplayed on the label applied to the product to allow the customer tovisually verify the product. All three elements are preferably carriedon the same label to allow verification of genuineness of machinereadable data via the visual diffractive optical device and usefully theproduct number can be partially or wholly applied to the label ordiffractive device 19 using indelible methods. In embodiments whereindelible methods are not used standard approaches such as inkjet orlaser printing can be used to apply the identification number 111 to theproduct 19. The number can identify the product type or the individualunit as required. The encoded product identification data 110 istypically applied to the product 19 in bar code format, and is machinereadable and is securitised against unauthorised copying by the visualdiffractive security device. The bar code format can be either linear orbi-dimensional and can also be encrypted using dynamic key encryptionalgorithms.

[0099] The term labelling is used in the broadest sense. That is machinereadable product identification data 112, visual diffractive securitydevice and product identification number can preferably can beincorporated in a label 113 which can be adhered to the product 19, thelabel 113 being retreated with an adhesive during the manufacturingprocess or an adhesive applied in a separate operation prior toattachment to the product 19. One such example is a security label 113which is adapted to be destroyed when tampered with. Alternativelylabelling the product 19 with product data 112 can be achieved using avariety of printing techniques such as inkjetting, thermal transfer,laser printing or other digital printing methods. Likewise, othertechniques such as etching, engraving or embossing can be employed.

[0100] Amalgamating the elements of machine readable identification dataand visual security device and optionally product identification numberinto one secure machine readable and visually verifiable preferablytamper evident label and counterfeit protected security label on theproduct provides a significant security and control enhancement overapplying these elements separately, although this possibility isrecognised in this invention and is anticipated here as a less secureand less elegant approach.

[0101] The owner 11 and/or the administrator 12 can also input theproduct data 112 into the database 13. The product data 112 is stored inthe database 13 and can be accessed and modified by the owner 11 or theadministrator 12. Records in the database can also be modified wheninformation is received from the reading devices at the inspectionpoints 14 at various stages in the distribution chain and the inspectionpoint 6 at the point of sale of the product 19 where visualauthentication and verification of the correct visual opticaldiffractive security device also takes place. At the point of sale thecustomer can also visually verify the optical diffractive securitydevice and later and later access the database using the optionalproduct identification number to further authenticate the genuineness ofthe product. At this stage the customer can also be provided withadditional information or sales opportunities on this or similarproducts or additional product information. The distribution chainsimply refers to the route between the various suppliers who handle theproducts 19 from the owner 11 through the retailer to the customer 17 atthe point of sale 16.

[0102] The inspection points 14, 16 are typically remote from thedatabase 13. Data is transferred from the reading devices to thedatabase 13 via communication links 15. The reading devices willtypically read the encoded product identification data 110 and a signalis sent to the database 13. This signal contains data about the specificproduct checked at a particular point in the distribution chain. Theencoded product identification data 110 is then compared with theproduct data stored in the database 13. The comparison can either beperformed manually by the owner 11 or administrator 12 or automaticallyby the database system 13. If a positive comparison is made between theincoming encoded product data 110 and the product data stored in thedatabase 13 then the product identification data record in the database13 can be updated. For example, the record can be updated to includeinformation about the supplier at the inspection point 14, informationpertaining to the previous supplier from whom the products 19 werereceived, the next destination of the products 19, or details about theretailer or customer at the point of sale 16. Security protocols can beintroduced to enable distributor access to the database 13. The purposeto the security protocols is to ensure the data received is from theappropriate distributor and in the correct format to protect theintegrity of the product data held in the database 13.

[0103] The communication links 15 between the reading devices at theinspection points 14, 16 and the database 13 can be existingtelecommunication systems, and can include programmed computers to sendproduct data in a particular format. Alternatively dedicatedcommunication systems can be employed.

[0104] The reading devices are adapted to read the encoded productidentification data 110. The type of reading devices used depends uponthe format of the encoded product identification data 110. A typicalreading device is a bar code reader. In some embodiments the bar codereader is adapted to read encrypted bar codes.

[0105] Visual optical diffractive security devices 114 can also beattached to the product 19. The purpose of the visual security devices114 is to provide a visual authentication means in addition to theencoded product identification data 110 and product identificationnumber 111, to authenticate product and authenticate genuineness oflabel and protect against unauthorised copying of machine readableproduct data. The visual security devices can be authenticated at any ofthe inspection points 14, 16. Typical visual security devices 114include diffraction grating security elements, holographic gratings,security holograms, thin film interference optical devices. These couldbe augmented by security print techniques, water-marked paper, threadedpaper, window threaded paper and security paper, primarily these areanticipated as secondary security devices as they are regarded as havingless effectiveness as public recognition devices than diffractivedevices, though this invention recognises that such devices could besubstituted for the diffractive devices in this system and anticipatesand claims such systems also. The visual diffractive security devices 14can be applied to each individual unit and/or the packaging of product 9else can be applied to the packaging of batches of product 19. Thedevices 114 can be applied to, or incorporated with, the label 113.Alternatively the devices 114 can be applied to the product 19 using avariety of printing techniques such as inkjetting, thermal transfer,laser printing or other digital printing methods. Likewise, othertechniques such as etching, engraving or embossing can be employed.Certain visual security devices 114 can also be adapted to incorporatemachine readable product data.

[0106] The interface 18 provides access for the customer 17 to productdata stored in the database 13. Using the product identification number111 the customer is able to select and view the appropriate productdistribution route data record and therefore confirm the authenticity ofthe purchased product 19 in a preferred embodiment in addition to beingable to use the visual diffractive security device at the point of sale.The interface 18 can be a web site limited two-way connection. Otherdata can be made available to the customer 17 such as instructionmanuals, warranty details, advertising and promotion and retrieval ofadditional customer information or offering extra services. A facilityto gather customer 17 feedback can also be incorporated into theinterface 18. The interface 18 can also be used as for secondary salesof banner space.

[0107] The interface 18 can include appropriate security protocols tolimit the scope of the customer 17 interaction with the database 13. Thecustomer 17 can be limited to access all or part of the appropriateproduct distribution route data concerning a specific unit of theproduct 19 which has been purchased. Further security protocols can beused to ensure that access to the product distribution route data storedin the database 13 is restricted to the customer 17 or to a personnominated by the customer 17. Such protocols may include user namesand/or passwords. The customer's 17 user name and password can besupplied with the product. One such method is to automatically generatethe user name and/or password on the retailer's receipt at the point ofsale 16. Alternatively the user name and/or password can be suppliedwith the product at the point of commercial circulation or at some laterpoint in the product distribution chain. One such method is to generatethe user name and/or password during the product data labelling phase.Where security protocols include encryption algorithms encryptionsoftware can also be supplied to the customer 17. Another useful methodis to use the product identification number or code incorporated in theoriginal security label for this.

[0108] Advantageously the product authentication system can beintegrated into the owner's 11 warehousing system. Such a hybrid systemcan be adapted to facilitate search and movement control functions forthe product 19 at the owner's 11 warehouse. The hybrid system can bearranged such that there is communication between the warehouse databaseand the database 13. Transceiver devices can also be incorporated intothe system to facilitate communication between components of the hybridsystem.

[0109] Usage of the product authentication system will now be described.Product identification data 112 and preferably (optionally) a visualdiffractive security device are applied to every unit of the product 19via typically a security label 113. The product data 112 are sourced bythe administrator 12 from the owner and are down loaded into the centraldatabase 13. A portion of the source data are converted by theadministrator 12 into bar code format (encoded product data 110) usingencryption algorithms which are then applied to security labels 113together with a product identification number 111. The productidentification data 110 can be printed on to the security label 113 byeither inkjet or laser printing methods. A visual security device 114,such as a holographic grating, is also incorporated into the securitylabel 113, which is then attached to each individual unit of the product19.

[0110] The product is then released into commercial circulation by theowner 11. Encoded product identification data 110 is read by a readingdevice at the point of original sale and is communicated to the database13. The product identification data 110 received from the reading deviceis compared with the product data stored in the database 13. In oneembodiment during the product circulation the authenticity of theproduct and the security label can also be ascertained to a first levelvisually by use of the visual security device. This comparison can bemade automatically by the database system 13 or manually by theadministrator 12. If the comparison is positive the database 13 requestsdata from the point of original sale to update the product data recordin the database 13. Additional information about the product route isentered into the database 13 such as the identification of the customerat the point of original sale.

[0111] The product 19 then moves through the various stages of thedistribution chain until it arrives at the end point of sale 16. Product19 is inspected and authenticated visually and by machine en route at anumber of predetermined inspection points 14 within the distributionchain. Encoded product identification data 110 is read by a readingdevice at inspection point 14 and is communicated to the database 13.The product data 110 received from the reading device is compared withthe product data stored in the database 13. This comparison can be madeautomatically by the database system 13 or manually by the administrator12. This process can be performed on-line or in a batch format at theend of a working period. If the comparison is positive the database 13requests data from the inspection point to update the product datarecord in the database 13. Additional information about the productroute is entered into the database 13. Each inspection point 14 has theappropriate information or hardware to comply with the securityprotocols built into the database 13 and can carry out visual inspectionas appropriate to verify genuineness of security label using thediffractive device in one embodiment which can also be used for firstline authentication in situations where machine reading is notavailable. Each product 19 can also be authenticated by means of visualinspection of the visual security device 114.

[0112] Optionally the product passes through one or more inspectionpoints where inspection and authentication of the product is carried outeither at the point of sale or elsewhere in the product commercialcirculation cycle by a party authorized by the Owner (potentially theAdministrator or a party acting for the Administrator, the retailer orsuitable points in the distribution chain) which inspection consists ofvisual and/or instrumental authentication.

[0113] The authentication process is repeated at the point of sale 16 tothe customer 17 by the retailer. Both the retailer and the customer 17are also able to visually authenticate the product 19 by the visualsecurity device 115.

[0114] Having purchased the product 19 the customer 17 is able tointerrogate the database 13 via an interface 18 to authenticate theproduct 19 by accessing product distribution route informationconfirming the source of the product and the distribution chain employedso as to receive data verifying the complete route taken from source toend point of sale. The interface 18 is typically a secure web site. Thecustomer 17 is provided with a password and/or user name as appropriate,or in one embodiment uses the product data number or code as appliedinitially to the security label, or uses any other requirements tocomply with the security protocols, so as to be able to access theproduct data record in the database 13 through the web site. Theappropriate product data record is identified using the productidentification number 111. The customer 17 can then authenticate theproduct 19 which has been purchased. The interaction of the customer 17and the database 13 is restricted.

[0115] The interface 18 can also be used by the customer 17 to registerfor warranties, gain access to general product information or to providefeedback for marketing purposes or additional and specific productinformation (e.g. usage for pharmaceuticals or safety critical spareparts). The process can be used to inform the customer if the product isnot genuine or suspect.

[0116] A preferred example of the full system operation is as follow:

[0117] Product identification data are applied onto every unit of theProduct via Secure data carrier (security label) by the Owner of theproduct or by the Administrator of the product authentication systemappointed by the owner and downloaded into the Database.

[0118] The Product is released into commercial circulation by the Owner.Product identification data are retrieved from secure data carrier atthe Point of Original Sale, a connection with the Database isestablished, the Database verifies product identification data andrequests updating (additional Product Route data) from the Owner.

[0119] The Product arrives to the Distributor and is further releaseddown the Distributor/Retailer chain by the Distributor. Productidentification data are retrieved from secure data carrier at the Pointof Distributor Sale, a connection with the Database is establishedwhereby access is granted to the Distributor upon verification of theDistributor Password, the Database verifies identification Data andrequests updating (additional Product Route data) from the Distributor.This can be done on-line or in a batch format for example at the end ofa working period.

[0120] Optionally the product passes through one or more InspectionPoints where inspection of the product is carried out either at thepoint of sale or elsewhere in the product commercial circulation cycleby a party authorized by the Owner (potentially the Administrator or aparty acting for the Administrator, the retailer or suitable points inthe distribution chain) which inspection consists of visual and/orinstrumental authentication.

[0121] The Product arrives to the Retailer and is further sold to theConsumer. Product identification data are retrieved from secure datacarrier at the Point of Retailer Sale, a connection with the Database isestablished whereby access is granted to the Retailer upon verificationof the Retailer Password, the Database verifies product identity dataand requests updating (additional Product Route data) from the Retailer.This can be done real time on-line or in batch format for example at endof working day when a number of transactions could be logged.

[0122] Optionally in a preferred form both the Retailer and the Consumerat the point of sale can visually verify the authenticity of the Productby the presence and visual performance of the diffractive optical device(OVD).

[0123] The Consumer upon purchasing the Product verifies theauthenticity by, logging onto the Internet Site applicable to the Owner(additional access restriction for the Consumer can be introduced in theform of the Consumer Password) and inputs the product identificationcode or number. Having exchanged data with the Database, the Site makesavailable all or part of the Product Route data for the Consumer toverify purchase detail authenticity and thereby providing the Consumerwith 100% accurate authentication of the Product. If the product was notgenuine or had not followed the appropriate supply chain the asappropriate Consumer and Owner could be automatically alerted.

[0124] Optionally at the consumer verification stage of the Owner canalso offer the consumer additional service or functions such as warrantyand the owner can request additional information from the Consumer formarketing purposes.

[0125] The Internet Site in step is optionally reconciled withadditional information in the Database thereby detailing any deviationsor unauthorized products which are notified to the Owner and/orappropriate authorities for action.

[0126] It should of course be appreciated that the invention is notrestricted to the details of the foregoing embodiments.

[0127] It should of course be appreciated that the invention is notrestricted to the details of the foregoing embodiments as it will beobvious to those skilled in the art that minor changes can be made tothe invention, for example, the use of more than one database orinspector, using different techniques to apply product data to theproduct 9 and the type and number of visual security devices used.

1. A product verification system for use with products intended to beintroduced into circulation and including machine readable product data,and comprising product data storage means for storing data correspondingto the machine readable product data applied to the products, and atleast one portable reading device arranged for accessing the machinereadable product data remotely from the product data storage at a pointalong the product circulation route for the purposes of verification ofauthenticity of such machine readable product data and henceverification of authenticity of the product itself.
 2. A system asclaimed in claim 1, wherein t he at least one portable reading device isarranged for accessing at least part of the product data of the databasefor a verification process, and arranged to download the results of theverification process.
 3. A system as claimed in claim 1 or 2, whereinthe said at least one point along the circulation route is selected in arandom manner.
 4. A system as claimed in claim 1, 2 or 3, wherein atleast part of the product data is downloaded from the database to theportable reading device for the verification process.
 5. A system asclaimed in claim 1, 2, 3, or 4, and arranged for the verification ofproducts at the point of delivery to an end cunsumer.
 6. A productverification system as claimed in any one of claims 1 to 5, andincluding label means upon which machine readable product data isprovided.
 7. A product verification system as claimed in claim 6 whereinthe label means comprises a security label which is arranged to bedestroyed when tampered with or when the product is unwrapped.
 8. Aproduct verification system as claimed in claims 5 or 6 wherein thelabel means is applied to each product unit and/or the packaging of eachproduct unit.
 9. A product verification system as claimed in claims 5 or6 wherein the label means is applied to the packaging of batches ofproduct units.
 10. A product verification system as claimed in any oneof the preceding claims wherein the machine readable product data isapplied using any one, or any combination of, thermal transfer,inkjetting, digital printing processes, mechanical engraving, laserengraving and traditional printing techniques.
 11. A productverification system as claimed in any one of the preceding claims,wherein the product is arranged to be provided with a visual securityelement.
 12. A product verification system as claimed in claim 11wherein the visual security element comprises at least one of a surfacerelief structure, a diffractive device, a holographic device, a thinfilm interference device, a security print element, a digital watermark,water marked paper, threaded paper, windowed threaded paper, or securityprint paper.
 13. A product verification system as claimed in claims 11or 12 wherein the visual security element is arranged to include hiddensecurity features.
 14. A product verification system as claimed in claim13 wherein the hidden security features comprises at least one offluorescent images, diffractive images, microtexts or microimages.
 15. Aproduct verification system as claimed in any one of claims 11 to 14wherein the visual security element is incorporated into a label meanscontaining machine readable product data.
 16. A product verificationsystem as claimed in any one of claims 11 to 14 wherein the visualsecurity element is formed by applying a surface relief structure byembossing or engraving.
 17. A product verification system as claimed inany one of claims 11 to 16 wherein the visual security element isarranged to be machine readable.
 18. A product verification system asclaimed in any one of the preceding claims wherein the machine readableproduct data is in the format of a bar-code.
 19. A product verificationsystem as claimed in claim 18 wherein the machine readable product datais in the format of a bi-dimensional bar-code.
 20. A productverification system as claimed in any one of the preceding claimswherein the machine readable product data is encrypted.
 21. A productverification system as claimed in claim 20 wherein the machine readableproduct data is encrypted using asymmetric or dynamic key encryptionalgorithms.
 22. A product verification system as claimed in any one ofthe preceding claims and comprising a product identification reference.23. A product verification system as claimed in claim 22 wherein theproduct identification reference is arranged to identify correspondingproduct data stored in the product data storage means.
 24. A system asclaimed in any one of the preceding claims wherein an intelligentportable reading device is used, such device being pre-programmed to beable to verify the authenticity of the machine readable product datawithout communicating to the product data storage means.
 25. A system asclaimed in claim 24, wherein the portable reader is arranged to beenabled for reading data responsive to the input of reference data. 26.A system as claimed in claim 24 or 25, wherein the correct data readingat the portable reader is dependent upon a conversion algorithm employedfor printing the machine readable data.
 27. A system as claimed in anyof claims 1 to 23 wherein the portable reading device is used to verifythe authenticity of the machine readable product data by communicatingwith the product data storage means and comparing the retrieved machinereadable product data and the product data stored in the product datastorage means.
 28. A product verification system as claimed in any oneof the preceding claims wherein the comparison between the machinereadable product data and the product data stored in the product datastorage means is performed automatically.
 29. A product verificationsystem as claimed in any one of the preceding claims wherein the machinereadable data is compared with the product itself.
 30. A productverification system as claimed in any one of the preceding claimswherein access to product data stored in the product data storage meansis secure.
 31. A product verification system as claimed in any one ofthe preceding claims and arranged to be integrated into a warehousingsystem.
 32. A forensicmachine readable data representation comprising anarray of point diffractive structures of individual scale size below thenormal resolution of the eye and arranged to comprise a representationof a bar code.
 33. A forensic machine readable data representationcomprising an array of matt scattering area structures of individualscale size below the normal resolution of the eye and arranged tocomprise a representation of a bar code.
 34. A machine readable datarepresentation as claimed in claim 32 or 33, and comprising adiffractive representation of a bar code.
 35. A machine readable datarepresentation as claimed in claim 32, 33 or 34, wherein the bar codecomprises a 2D bidirectional bar code formed from a portion of adiffractive or holographic image to be replayed in addition to themachine readable data.
 36. A machine readable data representation asclaimed in claim 32, 33, 34 or 35, and arranged such that an opticalmicroscope is arranged to record an enlarged image of the machinereadable features for subsequent reading.
 37. A system as claimed in anyone of claims 1 to 31, and employing machine readable data representedas claimed in any one of claims 32 to
 36. 38. A machine readable datarepresentation comprising a graphical indicia adapted to include adigital watermark.
 39. A machine readable data representation as claimedin claim 38, wherein the digital watermark os formed by digitallywatermarking linr or area printed structures formed by standard printtechniques.
 40. A machine readable data representation as claimed inclaim 39, and comprising a 2D bar code adapted to contain second orderinformation by way of the digital watermark.
 41. A machine readable datarepresentation as claimed in claim 39 or 40, wherein the digitalwatermark is formed at pixels defining the edge of the indicia.
 42. Amachine readable data representation as claimed in claim 41, wherein thedigital watermark consists of a repetative pattern of edge pixels formedaccording to a predetermined rule.
 43. A method of verifying productswith machine readable product data intended to be introduced intocirculation and comprising the steps of inputting the product data intoa product data storage system; applying the machine readable productdata to each product unit; reading the machine readable product datawith a portable reading device at at least one point in the productdistribution route and verifying the authenticity of such receivedproduct data and thereby verifying the authenticity of the productitself.
 44. A method as claimed in claim 43, wherein the said at leastone point in the distribution route is selected in a random manner. 45.A method as claimed in claim 43, or 44, and wherein at least a portionof the product data in the database is uploaded to the portable readingdevice for the verification process.
 46. A method of verifying productsas claimed in claim 44, 44 or 45, and including the additional step ofapplying a visual security element to the product.
 47. A method ofverifying products as claimed in claim 46 and including the additionalstep of inspecting the visual security element applied to the product.48. A method of verifying products as claimed in claim 46 and includingthe additional step of inspecting the visual security element with areading device.
 49. A method of verifying products as claimed in any oneof claims 46 to 48 and including the additional step of including hiddensecurity features in the visual security element.
 50. A method ofverifying products as claimed in claim 48 and including the additionalstep of inspecting the hidden security features in the visual securityelement.
 51. A method of verifying products as claimed in any one ofclaims 43 to 50 and including the additional step of comparing theproduct itself with the machine readable product data.
 52. A method ofverifying products as claimed in any one of claims 43 to 51 andincluding the additional step of comparing machine readable product dataand/or product data stored in the product data storage means and/or theproduct itself with other documentation.
 53. A method as claimed in anyone of claims 43 to 52, wherein an intelligent reading device is used,such device being pre-programmed to be able to verify the authenticityof the machine readable product data without communicating to theproduct data storage means.
 54. A method as claimed in claim 53, andincluding enabling the reading of the data in response to the input ofreference data.
 55. A method as claimed in claim 53 or 54, wherein thecorrect reading of the data is dependent upon a conversion algorithmemployed for printing the machine readable data.
 56. A method as claimedin any one of claims 43 or 52, wherein the portable reading device isused to verify the authenticity of the machine readable product data viacommunicating with product data storage means and comparing theretrieved machine readable product data and the product data and theproduct data stored in the product data storage means.
 57. A productdata storage system arranged to store data corresponding to machinereadable data elements associated with products, and arranged to beaccessed by at least one reading device for the retrieval of productdata stored in the storage system and to allow for modification of theproduct data by the at least one reading device.
 58. A productverification system substantially as hereinbefore described withreference to and as illustrated in the accompanying drawing.
 59. Amethod of product verification substantially as hereinbefore describedwith reference to and as illustrated in the accompanying drawing.
 60. Aproduct data storage system substantially as hereinbefore described withreference to and as illustrated in the accompanying drawing.
 61. Aproduct authentication system for use with products including machinereadable product data, and comprising a product data storage means, aplurality of reading devices for reading said machine readable productdata, communication link means between said reading devices and saidproduct data storage means, wherein the reading devices located remotelyfrom the product data storage system are adapted to read the machinereadable product data on a unit of product and communicate said productdata to said product data storage system via the communication linkmeans to achieve comparison of the product data on the product withproduct data in the product data storage system and to enablemodification of the data in the product data storage system for any unitof product, and including means for accessing the modified data so as toidentify the passage of a unit of product via a succession of readingdevices.
 62. A system according to claim 61, wherein the reading devicesare associated with a respective plurality of locations along a productdistribution route.
 63. A system according to claim 62, wherein themodification of data serves to update the data in the product datastorage system so as to identify the locations through which the productpasses.
 64. A system according to claim 63, wherein the means foraccessing the modified data is arranged to allow an end customer toverify the distribution route taken by the product, the aforesaid meanstherefore being available for access by an end customer.
 65. A systemaccording to claim 61-64, and including label means upon which themachine readable product data is provided.
 66. A system according toclaim 65, wherein the label means comprises a security label which isarranged to be destroyed when tampered with or when the product isunwrapped.
 67. A system according to any one of claims 61 to 66, whereinthe product is arranged to be provided with a visual security device.68. A system according to claim 67, wherein the visual security devicecomprises at least one of a diffractive optical device, a holographicdevice, a thin film interference device, a security print, watermarkedpaper, threaded paper, windowed threaded paper, or security print paper.69. A system according to claim 67 or 68 when dependent on claim 65 or66, wherein the visual security device is also provided on the label.70. A system according to any one of claims 61 to 69, and including aproduct identification number arranged to be employed for accessing themodified data.
 71. A system according to claim 70, wherein the productidentification number is provided with the product.
 72. A systemaccording to claim 71, wherein at least part of the productidentification number is applied to the product indelibly.
 73. A systemaccording to claim 70, wherein an indication of the productidentification number is arranged to be generated at the point of sale.74. A system according to any one of the preceding claims and includingan interface to the product data storage system for the accessing means.75. A system according to claim 74, wherein the product identificationnumber serves to provide access to the interface to the product datastorage system for the end customer.
 76. A system according to claim 74or 75, including security means for the interface to the product datastorage system and which comprise encryption algorithms.
 77. A systemaccording to any one of the preceding claims wherein the machinereadable product data is in the format of a bar-code.
 78. A systemaccording to claim 77, wherein the machine readable product data is inthe format of a bi-dimensional bar-code.
 79. A system according to anyone of the preceding claims wherein the machine readable product data isencrypted.
 80. A system according to claim 79, wherein the machinereadable product data is encrypted using dynamic key encryptionalgorithms.
 81. A system according to any one of the preceding claimswherein the means for accessing the modified data is arranged to operatevia an Internet connection.
 82. A system according to claim 81 whereinthe said connection provides connection to a web site belonging to thesource of the product.
 83. A method of product authentication forproducts with machine readable product data comprising the steps ofinputting the product data into a product data storage system; readingthe product data of the product with a reading device present in atleast one inspection point within the product distribution chain;communicating the product data read by the reading device to the productdata storage system via a communication link; comparing the receivedproduct data from the reading device with the product data stored in theproduct data storage system for authentication purposes and modifyingthe product data in the product data storage system, and allowing foraccess to the modified data so as to confirm the manner in which thedata was modified at the said at least one inspection point and so as toidentify the passage of a product via the at least one inspection point.84. A method according to claim 83, including the step of providing avisual security device in addition to the machine-readable product data.85. A method according to claim 84, including the step of authenticatingthe product at the at least one inspection point by the visual securitydevices.
 86. A method according to any one of claims 83 to 85, includingthe step of accessing the product data storage system via an interface.87. A method according to any one of claims 83 to 86, including whereinthe said access is allowed to an end customer so as to verify the chainof origin of the product.
 88. A product data storage system arranged tostore data corresponding to machine readable data elements associatedwith products, and arranged to allow for serial modification of the saiddata by means of interaction with a respective series of readingdevices, and arranged to allow for access to the modified data so as toconfirm the manner in which the original data was modified byinteraction with each of the said reading devices and so as to identifythe passage of a product via a succession of reading devices.
 89. Asystem as claimed in claim 88, and arranged such that the modificationof data serves to update the said data so as to identify locationsassociated with the reading devices.
 90. A system as claimed in claim 88or 89, and arranged to operate with an interface allowing for the saidaccess.
 91. A system as claimed in claim 88, 89 or 90, and arranged toallow for access by an end customer for the product so as to allow forverification of the chain of origin of the product.
 92. A productauthentication system substantially as hereinbefore described withreference to and as illustrated in the accompanying drawing.
 93. Amethod of product authentication substantially as hereinbefore describedwith reference to and as illustrated in the accompanying drawing.
 94. Aproduct data storage system substantially as hereinbefore described withreference to the accompanying drawings.